diff options
| author | Greg Kroah-Hartman <gregkh@suse.de> | 2011-12-13 14:42:15 -0800 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@suse.de> | 2011-12-13 14:42:15 -0800 |
| commit | a42af0fdda86e717daaf2d7097f26d4f6a9076f5 (patch) | |
| tree | 07e5690779df4606ab6a4966d5f6010c5589fa68 | |
| parent | dec8ef70240889fa7f61df9eda5cb812cc5099e1 (diff) | |
| download | longterm-queue-2.6.32-a42af0fdda86e717daaf2d7097f26d4f6a9076f5.tar.gz | |
32 patches
added patches:
export-__get_user_pages_fast-function.patch
oprofile-x86-fix-crash-when-unloading-module-timer-mode.patch
oprofile-x86-fix-nmi-unsafe-callgraph-support.patch
4 files changed, 289 insertions, 0 deletions
diff --git a/queue-2.6.32/export-__get_user_pages_fast-function.patch b/queue-2.6.32/export-__get_user_pages_fast-function.patch new file mode 100644 index 0000000..0e752ad --- /dev/null +++ b/queue-2.6.32/export-__get_user_pages_fast-function.patch @@ -0,0 +1,54 @@ +From robert.richter@amd.com Tue Dec 13 14:38:03 2011 +From: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com> +Date: Tue, 13 Dec 2011 00:40:34 +0100 +Subject: export __get_user_pages_fast() function +To: Greg KH <greg@kroah.com> +Cc: <stable@vger.kernel.org>, oprofile-list <oprofile-list@lists.sourceforge.net> +Message-ID: <1323733236-1402-2-git-send-email-robert.richter@amd.com> + + +From: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com> + +commit 45888a0c6edc305495b6bd72a30e66bc40b324c6 upstream. + +Backport for stable kernel v2.6.32.y to v2.6.36.y. + +Needed for next patch: + + oprofile, x86: Fix nmi-unsafe callgraph support + +This function is used by KVM to pin process's page in the atomic context. + +Define the 'weak' function to avoid other architecture not support it + +Acked-by: Nick Piggin <npiggin@suse.de> +Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com> +Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> +Signed-off-by: Robert Richter <robert.richter@amd.com> +Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> +--- + mm/util.c | 13 +++++++++++++ + 1 file changed, 13 insertions(+) + +--- a/mm/util.c ++++ b/mm/util.c +@@ -233,6 +233,19 @@ void arch_pick_mmap_layout(struct mm_str + } + #endif + ++/* ++ * Like get_user_pages_fast() except its IRQ-safe in that it won't fall ++ * back to the regular GUP. ++ * If the architecture not support this fucntion, simply return with no ++ * page pinned ++ */ ++int __attribute__((weak)) __get_user_pages_fast(unsigned long start, ++ int nr_pages, int write, struct page **pages) ++{ ++ return 0; ++} ++EXPORT_SYMBOL_GPL(__get_user_pages_fast); ++ + /** + * get_user_pages_fast() - pin user pages in memory + * @start: starting user address diff --git a/queue-2.6.32/oprofile-x86-fix-crash-when-unloading-module-timer-mode.patch b/queue-2.6.32/oprofile-x86-fix-crash-when-unloading-module-timer-mode.patch new file mode 100644 index 0000000..a2f5d0d --- /dev/null +++ b/queue-2.6.32/oprofile-x86-fix-crash-when-unloading-module-timer-mode.patch @@ -0,0 +1,83 @@ +From robert.richter@amd.com Tue Dec 13 14:39:00 2011 +From: Robert Richter <robert.richter@amd.com> +Date: Tue, 13 Dec 2011 00:40:36 +0100 +Subject: [PATCH 3/3] oprofile, x86: Fix crash when unloading module (timer mode) +To: Greg KH <greg@kroah.com> +Cc: <stable@vger.kernel.org>, oprofile-list <oprofile-list@lists.sourceforge.net> +Message-ID: <1323733236-1402-4-git-send-email-robert.richter@amd.com> + + +Fix for stable kernels v2.6.28.y to v2.6.34.y. This patch is for .32. + +Oprofile crashs while unlaoding modules and if in timer mode. Timer +mode is the fallback if the architectural initialization fails. The +pointer variable model is then used uninitialzied during exit causing +a NULL pointer dereference. + +It can be triggered with kernel parameters oprofile.timer=1 nolapic +used. Happens esp. in virtual machine environments. + +oprofile: using timer interrupt. +BUG: unable to handle kernel NULL pointer dereference at 0000000000000028 +IP: [<ffffffffa000251f>] op_nmi_exit+0x3d/0x4a [oprofile] +PGD 42ac5e067 PUD 42ac5d067 PMD 0 +Oops: 0000 [#1] PREEMPT SMP +last sysfs file: /sys/module/oprofile/refcnt +CPU 0 +Modules linked in: oprofile(-) +Pid: 2245, comm: modprobe Not tainted 2.6.32.21-oprofile-x86_64-debug-00038-gf4db115 #69 Anaheim +RIP: 0010:[<ffffffffa000251f>] [<ffffffffa000251f>] op_nmi_exit+0x3d/0x4a [oprofile] +RSP: 0018:ffff88042d4f9ec8 EFLAGS: 00010246 +RAX: 0000000000000000 RBX: ffffffffa0005590 RCX: ffff88042d4f9ea8 +RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 +RBP: ffff88042d4f9ec8 R08: ffff88042d4f9ee8 R09: 0000000000000000 +R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000080 +R13: 00000000fffffff5 R14: 0000000000000001 R15: 00000000006101e0 +FS: 00007fef6ac9c700(0000) GS:ffff880028200000(0000) knlGS:0000000000000000 +CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b +CR2: 0000000000000028 CR3: 000000042ac60000 CR4: 00000000000006f0 +DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 +DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 +Process modprobe (pid: 2245, threadinfo ffff88042d4f8000, task ffff88042cd66040) +Stack: + ffff88042d4f9ed8 ffffffffa0002096 ffff88042d4f9ee8 ffffffffa0003bbb +<0> ffff88042d4f9f78 ffffffff810748ad 656c69666f72706f 00007fff77a07800 +<0> ffff88042d4f9f28 ffffffff81068414 000000000060f180 0000000000000000 +Call Trace: + [<ffffffffa0002096>] oprofile_arch_exit+0xe/0x10 [oprofile] + [<ffffffffa0003bbb>] oprofile_exit+0x13/0x15 [oprofile] + [<ffffffff810748ad>] sys_delete_module+0x1cd/0x244 + [<ffffffff81068414>] ? trace_hardirqs_on_caller+0x114/0x13f + [<ffffffff8143ad47>] ? trace_hardirqs_on_thunk+0x3a/0x3f + [<ffffffff8100b13b>] system_call_fastpath+0x16/0x1b +Code: 48 c7 c7 90 4e 00 a0 e8 e7 15 22 e1 48 c7 c7 e0 4e 00 a0 e8 bd 18 22 e1 48 c7 c7 70 4e 00 a0 e8 94 4e 41 e1 48 8b 05 d1 39 00 00 <48> 8b 40 28 48 85 c0 74 02 ff d0 c9 c3 55 48 89 e5 e8 cb 88 00 +RIP [<ffffffffa000251f>] op_nmi_exit+0x3d/0x4a [oprofile] + RSP <ffff88042d4f9ec8> +CR2: 0000000000000028 +---[ end trace 18b12420ceb19193 ]--- + +Signed-off-by: Robert Richter <robert.richter@amd.com> +Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> +--- + arch/x86/oprofile/nmi_int.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +--- a/arch/x86/oprofile/nmi_int.c ++++ b/arch/x86/oprofile/nmi_int.c +@@ -750,12 +750,12 @@ int __init op_nmi_init(struct oprofile_o + + void op_nmi_exit(void) + { +- if (using_nmi) { +- exit_sysfs(); ++ if (!using_nmi) ++ return; ++ exit_sysfs(); + #ifdef CONFIG_SMP +- unregister_cpu_notifier(&oprofile_cpu_nb); ++ unregister_cpu_notifier(&oprofile_cpu_nb); + #endif +- } + if (model->exit) + model->exit(); + } diff --git a/queue-2.6.32/oprofile-x86-fix-nmi-unsafe-callgraph-support.patch b/queue-2.6.32/oprofile-x86-fix-nmi-unsafe-callgraph-support.patch new file mode 100644 index 0000000..023fdd5 --- /dev/null +++ b/queue-2.6.32/oprofile-x86-fix-nmi-unsafe-callgraph-support.patch @@ -0,0 +1,149 @@ +From robert.richter@amd.com Tue Dec 13 14:38:24 2011 +From: Robert Richter <robert.richter@amd.com> +Date: Tue, 13 Dec 2011 00:40:35 +0100 +Subject: [PATCH 2/3] oprofile, x86: Fix nmi-unsafe callgraph support +To: Greg KH <greg@kroah.com> +Cc: <stable@vger.kernel.org>, oprofile-list <oprofile-list@lists.sourceforge.net> +Message-ID: <1323733236-1402-3-git-send-email-robert.richter@amd.com> + +From: Robert Richter <robert.richter@amd.com> + +commit a0e3e70243f5b270bc3eca718f0a9fa5e6b8262e upstream. + +Backport for stable kernel v2.6.32.y to v2.6.36.y. + +Current oprofile's x86 callgraph support may trigger page faults +throwing the BUG_ON(in_nmi()) message below. This patch fixes this by +using the same nmi-safe copy-from-user code as in perf. + +------------[ cut here ]------------ +kernel BUG at .../arch/x86/kernel/traps.c:436! +invalid opcode: 0000 [#1] SMP +last sysfs file: /sys/devices/pci0000:00/0000:00:0a.0/0000:07:00.0/0000:08:04.0/net/eth0/broadcast +CPU 5 +Modules linked in: + +Pid: 8611, comm: opcontrol Not tainted 2.6.39-00007-gfe47ae7 #1 Advanced Micro Device Anaheim/Anaheim +RIP: 0010:[<ffffffff813e8e35>] [<ffffffff813e8e35>] do_nmi+0x22/0x1ee +RSP: 0000:ffff88042fd47f28 EFLAGS: 00010002 +RAX: ffff88042c0a7fd8 RBX: 0000000000000001 RCX: 00000000c0000101 +RDX: 00000000ffff8804 RSI: ffffffffffffffff RDI: ffff88042fd47f58 +RBP: ffff88042fd47f48 R08: 0000000000000004 R09: 0000000000001484 +R10: 0000000000000001 R11: 0000000000000000 R12: ffff88042fd47f58 +R13: 0000000000000000 R14: ffff88042fd47d98 R15: 0000000000000020 +FS: 00007fca25e56700(0000) GS:ffff88042fd40000(0000) knlGS:0000000000000000 +CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 +CR2: 0000000000000074 CR3: 000000042d28b000 CR4: 00000000000006e0 +DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 +DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 +Process opcontrol (pid: 8611, threadinfo ffff88042c0a6000, task ffff88042c532310) +Stack: + 0000000000000000 0000000000000001 ffff88042c0a7fd8 0000000000000000 + ffff88042fd47de8 ffffffff813e897a 0000000000000020 ffff88042fd47d98 + 0000000000000000 ffff88042c0a7fd8 ffff88042fd47de8 0000000000000074 +Call Trace: + <NMI> + [<ffffffff813e897a>] nmi+0x1a/0x20 + [<ffffffff813f08ab>] ? bad_to_user+0x25/0x771 + <<EOE>> +Code: ff 59 5b 41 5c 41 5d c9 c3 55 65 48 8b 04 25 88 b5 00 00 48 89 e5 41 55 41 54 49 89 fc 53 48 83 ec 08 f6 80 47 e0 ff ff 04 74 04 <0f> 0b eb fe 81 80 44 e0 ff ff 00 00 01 04 65 ff 04 25 c4 0f 01 +RIP [<ffffffff813e8e35>] do_nmi+0x22/0x1ee + RSP <ffff88042fd47f28> +---[ end trace ed6752185092104b ]--- +Kernel panic - not syncing: Fatal exception in interrupt +Pid: 8611, comm: opcontrol Tainted: G D 2.6.39-00007-gfe47ae7 #1 +Call Trace: + <NMI> [<ffffffff813e5e0a>] panic+0x8c/0x188 + [<ffffffff813e915c>] oops_end+0x81/0x8e + [<ffffffff8100403d>] die+0x55/0x5e + [<ffffffff813e8c45>] do_trap+0x11c/0x12b + [<ffffffff810023c8>] do_invalid_op+0x91/0x9a + [<ffffffff813e8e35>] ? do_nmi+0x22/0x1ee + [<ffffffff8131e6fa>] ? oprofile_add_sample+0x83/0x95 + [<ffffffff81321670>] ? op_amd_check_ctrs+0x4f/0x2cf + [<ffffffff813ee4d5>] invalid_op+0x15/0x20 + [<ffffffff813e8e35>] ? do_nmi+0x22/0x1ee + [<ffffffff813e8e7a>] ? do_nmi+0x67/0x1ee + [<ffffffff813e897a>] nmi+0x1a/0x20 + [<ffffffff813f08ab>] ? bad_to_user+0x25/0x771 + <<EOE>> + +Cc: John Lumby <johnlumby@hotmail.com> +Cc: Maynard Johnson <maynardj@us.ibm.com> +Signed-off-by: Robert Richter <robert.richter@amd.com> +Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> +--- + arch/x86/oprofile/backtrace.c | 46 ++++++++++++++++++++++++++++++++++++++---- + 1 file changed, 42 insertions(+), 4 deletions(-) + +--- a/arch/x86/oprofile/backtrace.c ++++ b/arch/x86/oprofile/backtrace.c +@@ -11,6 +11,8 @@ + #include <linux/oprofile.h> + #include <linux/sched.h> + #include <linux/mm.h> ++#include <linux/highmem.h> ++ + #include <asm/ptrace.h> + #include <asm/uaccess.h> + #include <asm/stacktrace.h> +@@ -47,6 +49,42 @@ static struct stacktrace_ops backtrace_o + .address = backtrace_address, + }; + ++/* from arch/x86/kernel/cpu/perf_event.c: */ ++ ++/* ++ * best effort, GUP based copy_from_user() that assumes IRQ or NMI context ++ */ ++static unsigned long ++copy_from_user_nmi(void *to, const void __user *from, unsigned long n) ++{ ++ unsigned long offset, addr = (unsigned long)from; ++ unsigned long size, len = 0; ++ struct page *page; ++ void *map; ++ int ret; ++ ++ do { ++ ret = __get_user_pages_fast(addr, 1, 0, &page); ++ if (!ret) ++ break; ++ ++ offset = addr & (PAGE_SIZE - 1); ++ size = min(PAGE_SIZE - offset, n - len); ++ ++ map = kmap_atomic(page, KM_USER0); ++ memcpy(to, map+offset, size); ++ kunmap_atomic(map, KM_USER0); ++ put_page(page); ++ ++ len += size; ++ to += size; ++ addr += size; ++ ++ } while (len < n); ++ ++ return len; ++} ++ + struct frame_head { + struct frame_head *bp; + unsigned long ret; +@@ -54,12 +92,12 @@ struct frame_head { + + static struct frame_head *dump_user_backtrace(struct frame_head *head) + { ++ /* Also check accessibility of one struct frame_head beyond: */ + struct frame_head bufhead[2]; ++ unsigned long bytes; + +- /* Also check accessibility of one struct frame_head beyond */ +- if (!access_ok(VERIFY_READ, head, sizeof(bufhead))) +- return NULL; +- if (__copy_from_user_inatomic(bufhead, head, sizeof(bufhead))) ++ bytes = copy_from_user_nmi(bufhead, head, sizeof(bufhead)); ++ if (bytes != sizeof(bufhead)) + return NULL; + + oprofile_add_trace(bufhead[0].ret); diff --git a/queue-2.6.32/series b/queue-2.6.32/series index 32c50d5..a64898d 100644 --- a/queue-2.6.32/series +++ b/queue-2.6.32/series @@ -10,3 +10,6 @@ jbd-jbd2-validate-sb-s_first-in-journal_get_superblock.patch make-taskstats-require-root-access.patch crypto-ghash-avoid-null-pointer-dereference-if-no-key-is-set.patch hfs-fix-hfs_find_init-sb-ext_tree-null-ptr-oops.patch +export-__get_user_pages_fast-function.patch +oprofile-x86-fix-nmi-unsafe-callgraph-support.patch +oprofile-x86-fix-crash-when-unloading-module-timer-mode.patch |